Mysterious accounts seem to be appearing all over the popular Twitter micro-blogging website. The suspicious accounts appear to be posting complete gibberish, when in reality they are posting executable commands that download malware to victims' computers. Hackers have always longed to find new ways to hide their tracks and make attacks harder to see coming, and now they have turned to Twitter as the host for a series of attacks against users. Hackers have managed to form a botnet using Twitter as a way to control compromised PCs.
The compromised computers could potentially launch DoS (denial of service) attacks – something Twitter has been hit by multiple times over the last few months – or spread spam to other users, turning the victim's machine into part of a botnet as well.
Twitter is now reviewing the suspected accounts and suspending suspicious activity, but since the shutdowns, more command-line accounts are being registered and are popping up all over the website. These accounts could possibly be the very same ones that turn computers into slaves, attacking the very site that affected them.

This issue still requires that you have a malicious program installed beforehand, to read and interpret and make those harmless letters of text converted to malicious commands.
If I could attach a device to a telephone line and send signals through that line that could be interpreted as malicious commands then that would be the same issue here. The problem isn't that you are able to send signals through a telephone line, but instead more of an issue that you would be able to install a program that converts those signals to something malicious. And here we are back to square one. Keep your computer secure; use malware protection and keep your computer applications up-to-date.
But....they use Linux servers and Google Apps...
How can their security possibly be bad?
Just because they use Linux servers and Google Apps does not make them completely secure. Nothing is unbreakable.
Just because you failed to notice his post was ironic does not make it less so.
MySpace comes to mind.
I don't think Twitter was ever of any interest to teenagers, was it? Maybe for some New York/Silicon Valley rich kids, but it was never a craze to be compared with Facebook or MySpace among the younger generations.
And if it was, I think that time is already past. Even the local library where I live (Leeds, UK) has a "keep up to date with us on twitter!" slogan outside, and if there's ever a sure sign that the hype has passed it's a library catching on.
You mean ANY of these social networking sites were cool at one time?
That in itself is news to me!!
You can get hijacked via a tweet, I've yet to hear of Twitter fixing this exploit
http://www.techcrunch.com/2009/08/26/massi...olved-just-yet/
min user interaction required
People should know better than to click on links posted by random, unknown people. Although this should be fixed, if Twitter is at fault.
Those commands right there are encoded in base64, and they are links. In those links, there's the malicious stuff.
More info here: http://asert.arbornetworks.com/2009/08/twi...ommand-channel/
So don't worry, regular, non-infected users. You're all fine (unless by any chance you use your free time to decode tweets in base64, and execute the contents of the links they point you to).
You could always, you know, use an antivirus:
http://community.ca.com/blogs/securityadvi...ing-botnet.aspx
WAIT WAIT WAIT! Isn't that IRC stuff?
Hackers would install trojans on a computer. These trojans would be programmed to connect to basic chat channels on the web, usually IRC. The hackers would be sitting in the same chat channel and be able to issue commands to the trojan.
The same basic principle is taking place here. The trojan is programmed to visit a Twitter page where it reads the most recent command. Just like normal programming code, the commands look like scrambled text to normal users but actually mean something to the program.
All of the trojans installed on millions of computers form a botnet when controlled by a few individuals. Otherwise they would just be considered a bunch of virus infected computers.
Twitter is a good vehicle to control botnets because it eliminates the hacker from needing to use a client to control the trojan. The hacker just needs to open a browser, post the command and they're done. Nothing new here, just the botnet controllers have evolved very slightly. The problem with using Twitter is that it’s very noticeable.
The term 'hacker' in this case was used loosely.
still tho, if they had used something they run themselves, like an IRC channel, they wouldn't have left this much of a trail as when they used Twitter like that...
they even use flickr for this type of stuff!!!1oneone@11!1
That last bit opened up my porn folder and broadcast it across my workplace network, you scoundrel!
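Two comments above describe the mechanism: the "gibberish" posts are base64-encoded links, and an already-installed trojan reads the latest post from a profile page. As an added example (not from the article or any commenter), here is a defender-side check that flags status text which decodes from base64 to one or more URLs. The function names, sample posts and `example.invalid` hostnames are constructed for illustration.

```python
import base64
import re

# Runs of base64-alphabet characters long enough to hold an encoded URL.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")
URL = re.compile(r"https?://[^\s\"'<>]+")


def decode_urls(token):
    """Return the URLs hidden in one base64 token, or [] if it is not base64 text."""
    token = token.rstrip("=")
    token += "=" * (-len(token) % 4)          # normalise padding before strict decode
    try:
        text = base64.b64decode(token, validate=True).decode("ascii")
    except ValueError:                        # covers binascii.Error and UnicodeDecodeError
        return []
    return URL.findall(text)


def flag_statuses(statuses):
    """Map status id -> decoded URLs for every post that hides links in base64."""
    hits = {}
    for status_id, text in statuses:
        urls = [u for tok in B64_TOKEN.findall(text) for u in decode_urls(tok)]
        if urls:
            hits[status_id] = urls
    return hits


def _enc(s):
    # Helper used only to build the constructed sample posts below.
    return base64.b64encode(s.encode()).decode()


# Constructed sample timeline: (status id, status text).
SAMPLE = [
    (1, _enc("http://c2.example.invalid/a http://c2.example.invalid/b")),
    (2, "Keep up to date with us at http://library.example.invalid/news"),
    (3, "internationalization of the characterization pipeline"),
    (4, _enc("just a long note with no link in it at all")),
]

if __name__ == "__main__":
    for status_id, urls in flag_statuses(SAMPLE).items():
        print(status_id, urls)
```

Only the first post is flagged: ordinary text, long dictionary words and base64 that decodes to link-free text all pass.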